MainDoctor WhoMusicSoftware
Main Page

Alden Bates' Weblog

Feigning normality since 1973

Even better hotlink protection

Filed in: Website Management.

I haven't been happy with previous methods I've been using for hotlink prevention, because usually they result in a broken graphic on the other site which, depending on the browser, may not be visible.

Method 1: If a user hits a graphic with a referrer from another site, they get a 403 error and an HTML error page. Drawback: this results in a broken image on the other page.

Method 2: If a user hits a graphic with a referrer from another site, they get an HTML page which includes the actual graphic in an <img> tag, and a "hosted by tetrap.com" message. Drawbacks: results in a broken image on the other page, and the hits are recorded as traffic in my server statistics.

So I decided to try a new method: If a user hits a graphic with a referrer from another site, they get a 100x100 black and white image which looks like this*:
[Error 304 graphic

That allows them to see instantly what the problem is instead of giving them a broken graphic with no indication as to why, and it still registers as a 403 error in my server statistics. I've achived this by using a Perl script for my error 403 page. It detects whether the user is trying to load a web page (in which case it gives them an HTMLerror page) or a graphic (in which case it gives them the graphic shown above. I think it's nifty. :)

* Except myspace.com users, who still get tubgirl. Bwahaha.

Posted May 25, 2006 9:26 PM

Comments

Any chance you are willing to share your perl and .htacdess code?
I'd dearly love to use it and would like to discuss using this approach to prevent off-site use of my cgi & pl scripts too!
Mike

Posted by: Mike | June 30, 2006 9:39 AM

I've made a new post with more details. :)

Posted by: Alden Bates | July 1, 2006 11:14 AM

Post a comment





Tetrap.com Site Map